One Star

Selft signed SSL tREST

I am trying to call a rest service with a self signed certificate but I get the error below. Any suggestions to bypass this?
Exception in component tREST_1
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:131)
at com.sun.jersey.api.client.Client.handle(Client.java:616)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:559)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:72)
at com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:454)
at forecast.test_0_1.test.tMysqlInput_1Process(test.java:1091)
at forecast.test_0_1.test.runJobInTOS(test.java:1524)
at forecast.test_0_1.test.main(test.java:1383)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
disconnected
1 REPLY
Seven Stars

Re: Selft signed SSL tREST

Hello, you need to have the certificate installed as "trusted" or the connections will fail.  The trusted store for the JVM is <java home>/jre/lib/security/cacerts and you can import yours there with keytool to get it to be trusted.  Try
keytool -import -noprompt -trustcacerts -alias <give it an alias> -file <path to certificate> -keystore <path to cacerts>

and see that if that alleviates your issue.  If not you can try putting it into your own keystore and using the tSetKeystore component.  See this for the official documentation on importing a certificate and this for more information on the keytool (it's the man page for it).
Hope that helps!